Using encryption on SSDs and USBs with wear leveling controllers

Topics: Technical Issues, Users Discussion
Nov 27, 2016 at 10:46 PM
The VeraCrypt docs and discussions say that if you want plausible deniability, do not encrypt on such devices. But the problem appears to be not that you risk a loss of your data due to normal computer functions, but one of losing your data to an adversary if, due to physical location shifting, the wear leveling process moves a block of data or a whole sector of data to another location, and this is completely transparent to VeraCrypt. Apparently, the move processes of the wear leveling controller do not go back and erase the old area where the data resided before the move. The problem is similarly caused by defragmentation and other disc management techniques. But in the case of de-frag, an "erase all unused space" operation is recommended as a workaround fix. But this is not mentioned as a workaround in the case of a wear leveling cause. I'm wondering if this is because the timing of the wear leveling data shift is unknown and therefore you can't be sure that your "erase all free space" schedule is effective. But in the case of someone using a USB flash drive as encrypted secure data storage for passwords, and leaving it unplugged except when needed to add a new password or retrieve an old one, would it be an effective cure to simply run an "erase all free space" just prior to ejecting the USB device?
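
A toy model of the remapping described in the post above, added here as an illustration; it is not part of the original post and not VeraCrypt code. `ToyFTL`, `wipe_free_space`, the least-worn-page allocation policy and the sample data are all constructed assumptions. It shows a host-level overwrite followed by a host-level free-space wipe, with the earlier ciphertext still present on a physical page that no logical block maps to.

```python
# Toy flash translation layer (FTL). Constructed model for illustration only;
# real controllers differ in allocation, garbage collection and erase handling.
class ToyFTL:
    def __init__(self, logical_blocks, physical_pages):
        if physical_pages <= logical_blocks:
            raise ValueError("model needs spare physical pages")
        self.logical_blocks = logical_blocks
        self.pages = [None] * physical_pages   # raw flash contents
        self.wear = [0] * physical_pages       # program count per page
        self.map = {}                          # logical block -> physical page

    def write(self, lba, data):
        if not 0 <= lba < self.logical_blocks:
            raise IndexError("LBA out of range")
        live = set(self.map.values())
        free = [p for p in range(len(self.pages)) if p not in live]
        target = min(free, key=lambda p: (self.wear[p], p))  # least-worn page
        self.pages[target] = data
        self.wear[target] += 1
        self.map[lba] = target   # previous page is unmapped, not erased

    def read(self, lba):
        page = self.map.get(lba)
        return None if page is None else self.pages[page]

    def stale(self):
        """Data still on flash that no logical block points to."""
        live = set(self.map.values())
        return [d for p, d in enumerate(self.pages)
                if p not in live and d is not None]

def wipe_free_space(ftl, used_lbas, filler=b"\x00"):
    """Host-side wipe: overwrite every logical block not holding live data."""
    for lba in range(ftl.logical_blocks):
        if lba not in used_lbas:
            ftl.write(lba, filler)

def demo():
    ftl = ToyFTL(logical_blocks=4, physical_pages=6)
    ftl.write(0, b"ciphertext-v1")     # constructed sample data
    ftl.write(0, b"ciphertext-v2")     # host "overwrites" the same block
    before = ftl.stale()
    wipe_free_space(ftl, used_lbas={0})
    return ftl.read(0), before, ftl.stale()

if __name__ == "__main__":
    print(demo())
```

In this model, whether a later write happens to land on the stale page depends on the wear counters and mapping, neither of which is visible through the logical read/write interface.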